Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a (1) window title or (2) icon title sequence. NOTE: this issue exists because of a CVE-2003-0070 regression.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nalin_Dahyabhai VTE ‘vteseq.c’未明漏洞
Vulnerability Description
在gnome-terminal中使用的VTE 0.25.1和之前的版本的libvte(又名libvte9)中的vteseq.c中的vte_sequence_handler_window_manipulation函数存在漏洞。不能正确处理转义序列,远程攻击者可以借助(1)window标题或(2)icon标题序列执行任意命令或获取潜在敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A